made all apis token secured

2025-02-27 23:42:00 +01:00 · 2025-02-27 23:42:00 +01:00 · d04a25b0e0
commit d04a25b0e0
parent aa3cf50b5d
11 changed files with 149 additions and 71 deletions
--- a/core/command_auth.ts
+++ b/core/command_auth.ts
@ -0,0 +1,22 @@
+import Logger from "~/core/logger";
+import {createError} from "h3";
+import {jwt_globals} from "~/core/globals";
+import jwt from "jsonwebtoken";
+
+export function checkValidJwtToken(token: string) {
+    Logger.info("Checking token " + token);
+    if (!token) {
+        throw createError({ statusCode: 401, statusMessage: 'Unauthorized' });
+    }
+
+    const secret = jwt_globals.secret;
+    if (!secret) {
+        throw createError({ statusCode: 500, statusMessage: 'JWT secret not set' });
+    }
+
+    const decoded = jwt.verify(token, secret) as { userId: string };
+    if (!decoded?.userId) {
+        throw createError({ statusCode: 401, statusMessage: 'Invalid token' });
+    }
+    Logger.success("user has been authed, password: " + decoded.userId);
+}
--- a/pages/index.vue
+++ b/pages/index.vue
@ -12,6 +12,7 @@ const startVm = async (vm: any) => {
  try {
    const response = await axios.post('/api/controlVM', {
      action: 'start',
+      token: useCookie('token').value,
      vm: vm
    });
    console.log(response.data);
@ -32,6 +33,7 @@ const shutdownVm = async (vm: any) => {
    const response = await axios.post('/api/controlVM', {
      action: 'shutdown',
      force: settings.force_shutdown,
+      token: useCookie('token').value,
      vm: vm
    });
    console.log(response.data);
@ -98,8 +100,12 @@ const networkInfo = reactive({

 const fetchServiceInfo = async () => {
  try{
-    let services = await $fetch('/api/getServices')
-    services?.forEach((interface_obj) => {
+    //let services = await $fetch('/api/getServices')
+    const response = await axios.post('/api/getServices', {
+      token: useCookie('token').value
+    });
+    let services = response.data;
+    services?.forEach((interface_obj: serviceInterface) => {
      serviceInfo.services.push(interface_obj)
    });
    serviceInfo.isLoaded = true;
@ -110,8 +116,12 @@ const fetchServiceInfo = async () => {

 const fetchNetworkInfo = async () => {
  try{
-    let networkInfoFetch = await $fetch('/api/getNetworkInterfaces')
-    networkInfoFetch?.forEach((interface_obj) => {
+    const response = await axios.post('/api/getNetworkInterfaces', {
+      token: useCookie('token').value
+    });
+    let networkInfoFetch = response.data;
+
+    networkInfoFetch?.forEach((interface_obj: networkInterface) => {
      networkInfo.interfacesList.push(interface_obj)
    });

@ -123,7 +133,11 @@ const fetchNetworkInfo = async () => {

 const fetchOsInfo = async () => {
  try{
-    let systemInfoFetch = await $fetch('/api/getSystem')
+    const response = await axios.post('/api/getSystem', {
+      token: useCookie('token').value
+    });
+    let systemInfoFetch = response.data;
+
    console.log(systemInfoFetch)
    osInfo.name = systemInfoFetch?.platform || 'N/A'
    osInfo.version = systemInfoFetch?.distro || 'N/A'
@ -137,7 +151,10 @@ const fetchOsInfo = async () => {

 const fetchCpuTemp = async () => {
  try {
-    let cpuInfoFetch = await $fetch('/api/getCpu')
+    const response = await axios.post('/api/getCpu', {
+      token: useCookie('token').value
+    });
+    let cpuInfoFetch = response.data;
    console.log(cpuInfoFetch)
    cpuInfo.manufacturer = cpuInfoFetch?.info.manufacturer || 'N/A'
    cpuInfo.model = cpuInfoFetch?.info.brand || 'N/A'
@ -152,7 +169,10 @@ const fetchCpuTemp = async () => {

 const fetchMemoryInfo = async () => {
  try{
-    let memoryInfoFetch = await $fetch('/api/getMemory')
+    const response = await axios.post('/api/getMemory', {
+      token: useCookie('token').value
+    });
+    let memoryInfoFetch = response.data;
    console.log(memoryInfoFetch)
    let ram_cache = settings.ignoreCache ? (memoryInfoFetch?.cached ?? 0) : 0;
    if(memoryInfoFetch?.total != null)
@ -169,9 +189,12 @@ const fetchMemoryInfo = async () => {

 const fetchVMs = async () => {
  try{
-    let vmInfoFetch = await $fetch('/api/getVMs')
+    const response = await axios.post('/api/getVMs', {
+      token: useCookie('token').value
+    });
+    let vmInfoFetch = response.data;
    console.log(vmInfoFetch)
-    vmInfoFetch?.forEach(vm => {
+    vmInfoFetch?.forEach((vm: VM) => {
      vmInfo.vms.push(vm)
    })
    vmInfo.isLoaded = true
@ -184,7 +207,10 @@ const fetchVMs = async () => {

 const fetchSettings = async () => {
  try {
-    let settingsFetch = await $fetch('/api/getSettings')
+    const response = await axios.post('/api/getSettings', {
+      token: useCookie('token').value
+    });
+    let settingsFetch = response.data;
    console.log(settingsFetch)
    settings.ignoreCache = settingsFetch?.ignoreCache || false
    settings.enable_qemu_controls = settingsFetch?.enable_qemu_controls || false
--- a/server/api/auth.ts
+++ b/server/api/auth.ts
@ -2,25 +2,12 @@ import { defineEventHandler, getCookie, createError } from 'h3';
 import jwt from 'jsonwebtoken';
 import {jwt_globals} from "~/core/globals";
 import Logger from "~/core/logger";
+import {checkValidJwtToken} from "~/core/command_auth";

 export default defineEventHandler(async (event) => {
    try {
-        const token = getCookie(event, 'token');
-        Logger.info("Checking token " + token);
-        if (!token) {
-            throw createError({ statusCode: 401, statusMessage: 'Unauthorized' });
-        }
-
-        const secret = jwt_globals.secret;
-        if (!secret) {
-            throw createError({ statusCode: 500, statusMessage: 'JWT secret not set' });
-        }
-
-        const decoded = jwt.verify(token, secret) as { userId: string };
-        if (!decoded?.userId) {
-            throw createError({ statusCode: 401, statusMessage: 'Invalid token' });
-        }
-        Logger.success("user has been authed, password: " + decoded.userId);
+        const token = getCookie(event, 'token') || "";
+        checkValidJwtToken(token)
        return { success: true };
    } catch (error: any) {
        return createError({
--- a/server/api/controlVM.ts
+++ b/server/api/controlVM.ts
@ -1,12 +1,15 @@
 import { exec } from 'child_process';
 import Logger from "~/core/logger";
+import {checkValidJwtToken} from "~/core/command_auth";

 export default defineEventHandler(async (event) => {
    const body = await readBody(event);
-    const { action, force, vm } = body;
+    const { action, token, force, vm } = body;

    try {

+        checkValidJwtToken(token)
+
        const command = action === 'start' ? `virsh start ${vm.name}` : (force ? `virsh destroy ${vm.name}` : `virsh shutdown ${vm.name}`);

        console.log(command);
--- a/server/api/getCpu.ts
+++ b/server/api/getCpu.ts
@ -1,7 +1,13 @@
+import { defineEventHandler, getCookie, createError } from 'h3';
 import si from 'systeminformation';
+import {checkValidJwtToken} from "~/core/command_auth";

-export default defineEventHandler(async () => {
+export default defineEventHandler(async (event) => {
    try {
+        const body = await readBody(event);
+        const { token } = body;
+        checkValidJwtToken(token)
+
        const cpuData = await si.cpu();
        const cpuTemp = await si.cpuTemperature();

--- a/server/api/getMemory.ts
+++ b/server/api/getMemory.ts
@ -1,7 +1,12 @@
 import si from 'systeminformation';
-
-export default defineEventHandler(async () => {
+import {checkValidJwtToken} from "~/core/command_auth";
+import { defineEventHandler, getCookie, createError } from 'h3';
+export default defineEventHandler(async (event) => {
    try {
+
+        const body = await readBody(event);
+        const { token } = body;
+        checkValidJwtToken(token)
        const memoryData = await si.mem();

        return memoryData;
--- a/server/api/getNetworkInterfaces.ts
+++ b/server/api/getNetworkInterfaces.ts
@ -3,9 +3,15 @@ import si from 'systeminformation';
 import {VM} from "~/types/VM";
 import {networkInterface} from "~/types/networkInterface";
 import {settings} from "~/panel.config";
-
-export default defineEventHandler(async () => {
+import {checkValidJwtToken} from "~/core/command_auth";
+import { defineEventHandler, getCookie, createError } from 'h3';
+export default defineEventHandler(async (event) => {
    try {
+
+        const body = await readBody(event);
+        const { token } = body;
+        checkValidJwtToken(token)
+
        const network = await si.networkInterfaces();
        const interfaces_to_scan = settings.interfaces_to_scan || [];

--- a/server/api/getServices.ts
+++ b/server/api/getServices.ts
@ -3,12 +3,15 @@ import si from 'systeminformation';
 import {VM} from "~/types/VM";
 import {serviceInterface} from "~/types/serviceInterface";
 import {settings} from "~/panel.config";
-
-export default defineEventHandler(async () => {
+import {checkValidJwtToken} from "~/core/command_auth";
+import { defineEventHandler, getCookie, createError } from 'h3';
+export default defineEventHandler(async (event) => {
    try {
+        const body = await readBody(event);
+        const { token } = body;
+        checkValidJwtToken(token)
+
        const services = await si.services(settings.systemctl_services.join(', '));
-
-
        const interfaces: serviceInterface[] = [];
        if (Array.isArray(services)) {
            services.forEach((interface_obj) => {
--- a/server/api/getSettings.ts
+++ b/server/api/getSettings.ts
@ -1,10 +1,14 @@
 import si from 'systeminformation';
 import {settings} from "~/panel.config";
-
-export default defineEventHandler(async () => {
+import {checkValidJwtToken} from "~/core/command_auth";
+import { defineEventHandler, getCookie, createError } from 'h3';
+export default defineEventHandler(async (event) => {
    try {
+        const body = await readBody(event);
+        const { token } = body;
+        checkValidJwtToken(token)
        return settings
    } catch (error) {
-        console.error('Error fetching CPU info:', error);
+        console.error('Error fetching settings:', error);
    }
 });
--- a/server/api/getSystem.ts
+++ b/server/api/getSystem.ts
@ -1,7 +1,11 @@
 import si from 'systeminformation';
-
-export default defineEventHandler(async () => {
+import {checkValidJwtToken} from "~/core/command_auth";
+import { defineEventHandler, getCookie, createError } from 'h3';
+export default defineEventHandler(async (event) => {
    try {
+        const body = await readBody(event);
+        const { token } = body;
+        checkValidJwtToken(token)
        const systemData = await si.osInfo();

        return systemData;
--- a/server/api/getVMs.ts
+++ b/server/api/getVMs.ts
@ -4,41 +4,53 @@ import {vm_cache} from "~/core/globals";
 import Logger from "~/core/logger";
 import {reactive} from "vue";
 import type {VM} from "~/types/VM";
+import {checkValidJwtToken} from "~/core/command_auth";
+import si from "systeminformation";
+import { defineEventHandler, getCookie, createError } from 'h3';
+export default defineEventHandler(async (event) => {

-export default defineEventHandler(async () => {

-    if(vm_cache.vms.length > 0){
-        Logger.info("VMs are cached, refreshing vm states...")
-        for (const vm of vm_cache.vms) {
-            const stateValue = await getStateValue(vm.name, true)
-            vm.state = stateValue === "running" ? 'on' : 'off';
-        }
-    }else{
-        Logger.info("VMs havent been Loaded yet, loading now...")
-        for (const vm of settings.qemu_vms) {
-            Logger.info("Loading " + vm.name)
-            const vCpuCount = await getVcpuCount(vm.name);
-            const maxMemory = await getMaxMemory(vm.name);
-            const autostartValue = await getAutostartValue(vm.name);
-            const autostart = autostartValue === "enable";
-            const stateValue = await getStateValue(vm.name);
-
-
-            const state: 'on' | 'off' = stateValue === "running" ? 'on' : 'off';
-
-
-            vm_cache.vms.push({
-                name: vm.name,
-                os: vm.os,
-                vCpuCount: vCpuCount || 0,
-                maxMemory: maxMemory || 0,
-                autostart: autostart,
-                state: state
-            });
+
+    try {
+        const body = await readBody(event);
+        const { token } = body;
+        checkValidJwtToken(token)
+        if(vm_cache.vms.length > 0){
+            Logger.info("VMs are cached, refreshing vm states...")
+            for (const vm of vm_cache.vms) {
+                const stateValue = await getStateValue(vm.name, true)
+                vm.state = stateValue === "running" ? 'on' : 'off';
+            }
+        }else{
+            Logger.info("VMs havent been Loaded yet, loading now...")
+            for (const vm of settings.qemu_vms) {
+                Logger.info("Loading " + vm.name)
+                const vCpuCount = await getVcpuCount(vm.name);
+                const maxMemory = await getMaxMemory(vm.name);
+                const autostartValue = await getAutostartValue(vm.name);
+                const autostart = autostartValue === "enable";
+                const stateValue = await getStateValue(vm.name);
+
+
+                const state: 'on' | 'off' = stateValue === "running" ? 'on' : 'off';
+
+
+                vm_cache.vms.push({
+                    name: vm.name,
+                    os: vm.os,
+                    vCpuCount: vCpuCount || 0,
+                    maxMemory: maxMemory || 0,
+                    autostart: autostart,
+                    state: state
+                });
+            }
        }
+        return vm_cache.vms;
+    } catch (error) {
+        console.error('Error fetching VM info:', error);
    }

-    return vm_cache.vms;
+
 });